Process and device for authentication

ABSTRACT

The authentication process comprises:

- a step of generating a random number (105),
- a step of generating a time-stamp (115),
- a step of generating a first secret key (120),
- a step of truncating the message authentication code utilizing said first secret key (125),
- a step of symmetrically encrypting the random number, time-stamp and truncation (135), utilizing a second secret key (130) to produce an authentication code (145).

Preferably, during the step of generating a random number, a quantum generator (100) is utilized. Preferably, during the truncation step, a cryptographic message authenticator is generated utilizing the first secret key. Preferably, during the step of symmetrically encrypting the random number, time-stamp and truncation, by utilizing the second secret key, in addition a hash (140) is produced.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is a division of U.S. application Ser. No. 12/278,211, filed on May 6, 2009, which is the 35 U.S.C. 371 National Stage of PCT/FR2007/000206 filed Feb. 5, 2007, which claimed priority to French Application 0601004 filed Feb. 3, 2006, French Application 0601625 filed Feb. 24, 2006 and French Application 0601739 filed Feb. 27, 2006. The entire contents of these applications are hereby incorporated by reference.

BACKGROUND OF THE INVENTION

The present invention concerns an authentication process and device. It applies, in particular, to the protection against the counterfeiting of trademarks, distinctive symbols and the products that bear them.

There are product marking systems, for example with ink-jet printers located on the production line for printing a serial number on each article. Other systems utilize codes.

These systems are nevertheless vulnerable and the counterfeiters falsify these codes or determine how they operate, which allows them to generate codes that appear to authenticate the counterfeit products.

SUMMARY OF THE INVENTION

The aim of the present invention is to remedy these drawbacks. To this end, the present invention envisages, according to a first aspect, an authentication process, characterized in that it comprises:

- a step of generating a random number,
- a step of generating a time-stamp,
- a step of generating a first secret key,
- a step of truncating the message authentication code utilizing said first secret key,
- a step of symmetrically encrypting the random number, time-stamp and truncation, utilizing a second secret key to produce an authentication code.

Thanks to these provisions, many items of information can be encrypted, including the date the code was created, a random number and a truncation. In addition, this encrypted information can be retrieved thanks to knowledge of the second secret key. Nevertheless, the first secret key is useful for retrieving authentication information. Thus, each production site utilizes two secret keys. By testing the different possible secret keys on a code, you can thus determine the origin of this code and the date it was created.

Thanks to the utilization of the present invention, a database does not need to be maintained in the production area, which simplifies the operation of the production tool.

In addition, detection of two identical codes enables a forgery to be detected immediately.

In addition, truncation makes it possible to keep the printed code at a reasonable size. For practical reasons, the code's small size therefore presents advantages of compactness and esthetics.

According to particular features, during the step of generating a random number, a quantum generator is utilized.

Thanks to these provisions, the random number is truly random, not a pseudo-random number.

According to particular features, during the truncation step, a cryptographic message authenticator is generated utilizing the first secret key.

According to particular features, during the step of symmetrically encrypting the random number, time-stamp and truncation, by utilizing the second secret key, in addition a hash is produced.

It is noted that a hash is also called, in its simplest form, a “checksum”. This control character makes it possible to check in a simple way that the code is entered correctly.

According to particular features, the process as briefly described above comprises a step of regularly modifying the first secret key and transmitting the new secret key to a production site.

According to particular features, during the symmetric encryption step, a code is generated comprising alphanumeric characters.

According to a second aspect, the present invention envisages an authentication device, characterized in that it comprises:

- a means of generating a random number,
- a means of generating a time-stamp,
- a means of generating a first secret key,
- a means of truncating the message authentication code utilizing said first secret key,
- a means of symmetrically encrypting the random number, time-stamp and truncation, utilizing a second secret key to produce an authentication code.

The advantages, aims and characteristics of this device being similar to those of the process that is the subject of the first aspect, they are not repeated here.

The present invention also concerns an authentication process and device. It applies in particular to the marking of documents with holograms comprising information enabling the detection of copies, the securization of documents by managing intellectual property rights and the fight against counterfeiting.

There are many methods in the digital rights management field, known under the name DRM (acronym for Digital Rights Management). These methods generally apply to software and multimedia works and are aimed at prohibiting or limiting the possibility of copying a work or a piece of software. These methods present the drawback of being complex to utilize. In addition, they do not apply to the protection of printed documents.

The aim of the present invention is to remedy these drawbacks.

To this end, the present invention envisages, according to a third aspect, an authentication process, characterized in that it comprises:

- a step of transferring a holographic matrix onto a base,
- a step of marking said holographic matrix by laser shot, in order to produce a digital code that cannot be interpreted by the human eye, preserving the optical diffraction properties of the holographic matrix, and designed to enable the detection of a copy of a document realized using said holographic matrix.

Thanks to these provisions, the digital code protection functions are combined with those of the hologram without destroying the optical diffraction properties enabling the hologram to be visualized.

According to particular features, during the marking step, the impact of each laser shot presents a greater dimension and a depth allowing the hologram's optical diffraction properties to be preserved.

According to particular features, the process as briefly described above comprises a step of determining the digital code so that this digital code is representative of an identifier of a product associated to the hologram represented by the holographic matrix.

According to particular features, during the step of marking, a plurality of different digital codes are produced, each associated to an identical holographic matrix.

Thanks to these provisions, the various products realized using identical holographic matrices associated to different digital codes are different and thus enable better traceability.

According to particular features, during the step of marking, the digital codes are placed, with respect to the corresponding holographic matrices, in different positions.

According to particular features, during the step of marking, the relative position of the digital code and the holographic matrix is dependent on an item of data represented by said digital code.

According to particular features, the process as briefly described above comprises a step of determining an additional code and a step of printing said additional code on a document produced using said holographic matrix.

According to a fourth aspect, the present invention envisages an authentication device, characterized in that it comprises:

- a means of transferring a holographic matrix onto a base,
- a means of marking said holographic matrix by laser shot, in order to produce a digital code that cannot be interpreted by the human eye, preserving the optical diffraction properties of the holographic matrix, and designed to enable the detection of a copy of a document realized using said holographic matrix.

As the particular characteristics, advantages and aims of this device are similar to those of the process that is the subject of the third aspect, as briefly described above, they are not repeated here.

The present invention also concerns an authentication process and device for molded items. It applies in particular to the marking of molds and molded items with information enabling the detection of copies and the fight against counterfeiting.

There are many methods in the digital rights management field, known under the name DRM (acronym for Digital Rights Management). These methods generally apply to software and multimedia works and are aimed at prohibiting or limiting the possibility of copying a work or a piece of software. These methods present the drawback of being complex to utilize. In addition, they do not apply to the protection of printed documents.

The aim of the present invention is to remedy these drawbacks.

To this end, the present invention envisages, according to a fifth aspect, an authentication process, characterized in that it comprises:

- a step of realizing a mold,
- a step of marking said mold by laser shot, in order to produce a digital code that cannot be interpreted by the human eye, designed to enable the detection of a copy of the mold realized using items molded with said mold, or molded items realized using said copied mold.

Thanks to these provisions, the digital code protection functions are combined with those of the mold without noticeably modifying the molded item.

According to particular features, the process as briefly described above comprises a step of determining the digital code so that this digital code is representative of an identifier of the mold or items molded with said mold.

According to particular features, the process as briefly described above comprises a step of determining an additional code and a step of printing said additional code on an item molded with said mold.

According to a sixth aspect, the present invention envisages an authentication device, characterized in that it comprises:

- a means of realizing a mold and
- a means of marking said mold, by laser shot, in order to produce a digital code that cannot be interpreted by the human eye, designed to enable the detection of a copy of the mold realized using items molded with said mold, or molded items realized using said copied mold.

As the particular characteristics, advantages and aims of this device are similar to those of the process that is the subject of the fifth aspect, as briefly described above, they are not repeated here.

BRIEF DESCRIPTION OF THE DRAWINGS

Other advantages, aims and characteristics of the present invention will become apparent from the description that will follow, made, as an example that is in no way limiting, with reference to the accompanying drawings, in which:

FIG. 1 represents, in the form of a logical diagram, the functions and steps utilized in a particular embodiment of the process that is the subject of the first aspect of the present invention for generating an authentication code,

FIG. 2 represents, in the form of a logical diagram, the functions and steps utilized to check the authenticity of an authentication code, according to the first and second aspects of the present invention,

FIG. 3 represents, schematically, a particular embodiment of a device that is the subject of the fourth aspect of the present invention,

FIG. 4 represents, schematically and in cross section, a holographic matrix marked by the device shown in FIG. 3,

FIG. 5 represents, in the form of a logical diagram, steps utilized in a particular embodiment of the process that is the subject of the third aspect of the present invention,

FIG. 6 represents, schematically, a particular embodiment of a device that is the subject of the sixth aspect of the present invention,

FIG. 7 represents, schematically and in cross section, a mold marked by the device shown in FIG. 6 and

FIG. 8 represents, in the form of a logical diagram, steps utilized in a particular embodiment of the process that is the subject of the fifth aspect of the present invention.

DETAILED DESCRIPTION OF THE INVENTION

Throughout the description of the first and second aspects (FIGS. 1 and 2), the terms “ciphering” and “encryption” are used interchangeably, these functions consisting of encrypting data by utilizing an encryption key.

FIG. 1 shows a means of generating random numbers 100 performing the random number generation function 105, a hardware key 110 performing the time-stamp supply function 115, a preservation memory for a first secret key 120, a message authentication code truncation function 125, a preservation memory for a second secret key 130, a symmetric encryption function 135, a hash output 140 and an authentication code output 145.

The random number generation means 100 provides, for each process generating an authentication code and associated hash, a different random number 105. For preference, this random number generation means comprises a quantum generator so that these numbers are not pseudo-random, which might detract from the security of the process.

The hardware key 110 is, for example, a key that can be plugged into a USB port. It holds a clock, which cannot be modified via interactions with this key. The time-stamp provided by this hardware key 110 represents the date, hour, minute and second when this time-stamp is supplied.

The preservation memory for a first secret key 120 can be portable, for example in the form of a key that can be plugged into a computer's port, or solely accessible on a secure server and provided on request after the request emitter has been identified.

The message authentication code truncation function 125 is known to people in this field; for its utilization, the reader may consult the document “http://csrc.nist.gov/publications/fips/fips198/fips-198a.pdf”. With this function, a cryptographic message authenticator is generated in accordance with the “Keyed-Hash Message Authentication Code” standard utilizing the first secret key. This signature is truncated in accordance with the standard so as to limit its size.

It is noted that truncation makes it possible to keep the printed code at a reasonable size. For practical reasons, the code's small size therefore presents advantages of compactness and esthetics.

The preservation memory for the second secret key 130 can also be portable or solely accessible on a secure server.

The symmetric encryption function 135 utilizes a symmetric encryption algorithm (for example, the algorithms known under the names Rijndael, DES, TripleDES, RC5 (registered trademarks) can be used in this step). The Blowfish (registered trademark) algorithm presents the advantages of being rapid, free and considered robust. With regard to Blowfish, the reader may consult document http://www.schneier.com/paper-blowfish-fse.html.

The symmetric encryption function generates a code comprising alphanumeric characters and a hash. It is noted that a hash is also called, in its simplest form, a “checksum”. The hash output 140 and the authentication code output 145 make it possible to associate the authentication code and the hash to a product so that they become interdependent and allow the product to be authenticated. For example, these outputs 140 and 145 are linked to an ink-jet printer that prints them on the product, its label or its packaging. The large numbers used in the authentication code generation process ensure that detection of two identical codes enables the immediate detection of a forgery of a product protected by this authentication code.

For preference, the owner of the intellectual or industrial property rights linked to products controls the supply, to each of these products' production sites, of the two keys utilized in the authentication code generation process. He or she can therefore decide on the frequency with which these secret keys are changed.

For preference, the authentication code generation process comprises a step regularly and automatically modifying each production site's first secret key, each new first secret key being immediately transmitted to the production site in question.

As can be seen, on reading the description of FIG. 1, the authentication process that is the subject of the present invention comprises:

- a step of generating a random number,
- a step of generating a time-stamp,
- a step of generating a first secret key,
- a step of truncating the message authentication code utilizing said first secret key,
- a step of symmetrically encrypting the random number, time-stamp and truncation, utilizing a second secret key to produce an authentication code.

In this way, many items of information can be encrypted, including the date the code was created, a random number and a truncation. In addition, this encrypted information can be retrieved thanks to knowledge of the second secret key. Nevertheless, the first secret key is useful for retrieving authentication information. Thus, each production site utilizes two secret keys. By testing the different possible secret keys on a code, you can thus determine the origin of this code and the date it was created.

It is also understood that utilization of the present invention makes it possible to avoid having to maintain a database of generated authentication codes, which simplifies the operation of the production tool.

FIG. 2 shows an input 205 for an authentication code and a hash, a hash checking function 210, a symmetric decryption function 215 utilizing two decryption keys 220 and 225 and an authenticity checking function 230.

With regard to checking the authentication code, the particular embodiment of the process that is the subject of the present invention utilizes two levels of checks:

a) a message integrity check: by using all of the known cryptographic key pairs (secret keys 1 and 2), the integrity of the message is checked. This is done by comparing the signature (HMAC) calculated after decrypting the symmetric encryption and the signature of the token.

b) a message consistency check: once the integrity has been verified, the message is checked to make sure it is structurally consistent. In effect, a code generator stolen from its owner continues to generate authentic codes. However, the date contained in the code allows valid codes (before the date of the theft) to be distinguished from inconsistent codes (after the date of the theft). The consistency check is therefore realized by comparing the following three elements: the number of the generator (site); the code date; the cryptographic codes validated in the integrity check step, to the repository of generated data on the USB keys.

The code that is discussed in this document is intended to be marked or printed clearly on the products. In a variant, the consumer who wishes to find out about a product in his or her possession can use a website or an equipped call centre to check the integrity and consistency of the code. This consultation provides a presumption of counterfeiting in the following cases:

- the code is not authentic or is inconsistent or
- the code has already been checked.
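The generation steps of FIG. 1 and the two-level check of FIG. 2 can be sketched as follows. This is an added example, not code from the patent. It assumes that the HMAC covers the random number and time-stamp, that the fields are 8, 4 and 8 bytes, that the hash is a two-character checksum, and that a per-site table holds both keys and an optional theft date. A Feistel construction built on HMAC-SHA256 stands in for Blowfish or Rijndael, and the OS random source stands in for the quantum generator, so that the block runs with the standard library only.

```python
import base64
import hashlib
import hmac
import secrets
import struct

NONCE_LEN, TAG_LEN, ROUNDS = 8, 8, 8      # assumed sizes: 8 + 4 + 8 = 20-byte payload

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def round_fn(key2, i, half):
    # Feistel round function keyed with the second secret key
    return hmac.new(key2, bytes([i]) + half, hashlib.sha256).digest()[:len(half)]

def feistel(key2, block, decrypt=False):
    """Stand-in for the symmetric cipher 135/215 (not Blowfish itself)."""
    h = len(block) // 2
    left, right = block[:h], block[h:]
    for i in (range(ROUNDS - 1, -1, -1) if decrypt else range(ROUNDS)):
        if decrypt:
            left, right = xor(right, round_fn(key2, i, left)), left
        else:
            left, right = right, xor(left, round_fn(key2, i, right))
    return left + right

def check_chars(code):
    # Unkeyed checksum: only catches typing errors, gives no authenticity
    return hashlib.sha256(code.encode()).hexdigest()[:2].upper()

def generate_code(key1, key2, timestamp, nonce=None):
    """FIG. 1: random number + time-stamp + truncated HMAC, encrypted with key 2."""
    nonce = nonce or secrets.token_bytes(NONCE_LEN)
    body = nonce + struct.pack(">I", timestamp)
    tag = hmac.new(key1, body, hashlib.sha256).digest()[:TAG_LEN]   # leftmost bytes kept
    code = base64.b32encode(feistel(key2, body + tag)).decode()     # 32 alphanumerics
    return code + check_chars(code)

def verify_code(printed, sites, seen):
    """FIG. 2: checksum, integrity over every known key pair, then consistency."""
    code, check = printed[:-2], printed[-2:]
    if len(printed) != 34 or check_chars(code) != check:
        return ("mistyped", None, None)
    try:
        block = base64.b32decode(code)
    except ValueError:
        return ("mistyped", None, None)
    for site, (key1, key2, stolen_at) in sites.items():
        plain = feistel(key2, block, decrypt=True)
        body, tag = plain[:-TAG_LEN], plain[-TAG_LEN:]
        expected = hmac.new(key1, body, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):
            continue                       # wrong key pair, try the next site
        ts = struct.unpack(">I", body[NONCE_LEN:])[0]
        if stolen_at is not None and ts >= stolen_at:
            return ("inconsistent", site, ts)   # generated after the theft date
        if printed in seen:
            return ("duplicate", site, ts)      # code has already been checked
        seen.add(printed)
        return ("authentic", site, ts)
    return ("not authentic", None, None)

# Constructed sample data: two sites, the second with a recorded theft date.
SITES = {
    "site-A": (b"constructed-key1-A", b"constructed-key2-A", None),
    "site-B": (b"constructed-key1-B", b"constructed-key2-B", 1_700_000_000),
}

if __name__ == "__main__":
    seen = set()
    code = generate_code(*SITES["site-A"][:2], 1_600_000_000)
    print(code, verify_code(code, SITES, seen))
    print(code, verify_code(code, SITES, seen))
    late = generate_code(*SITES["site-B"][:2], 1_700_000_500)
    print(late, verify_code(late, SITES, seen))
```

The verifier needs no database of generated codes, only the key pairs and theft dates; the `seen` set is the one piece of state, and it lives on the checking side.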

With regard to the third and fourth aspects of the present invention, FIG. 3 shows a means of determining a digital code 300, a graphic design means 305, a means 310 of transferring a holographic matrix 315 onto a base 320 and a marking means 325.

The means of determining the digital code 300 is of a known type. It is designed to determine a digital code presenting at least the following functions:

firstly, to represent an item of information identifying a product, a date of manufacture, a manufacturer, a rights owner, a manufacturing order and/or a place of manufacture, for example, in a sufficiently robust way so that, even if this digital code is deteriorated, for example by copying, at least part of the information it represents remains accessible and

secondly, to enable the detection of any copy of this digital code with known types of scanning and printing means.

To perform the first function indicated above, the digital code can comprise redundancies and/or error correction codes, known under the name “checksum” or “CRC” (for cyclic redundancy checksum). To perform the second function the entropy of the code and/or the dimension of its print are adapted, according to known techniques in the matter of anti-copy codes. The digital code is transmitted by the means of determining the digital code to the marking means 325.

The graphic design means 305 is of a known type. It makes it possible to define each graphics element of a holographic matrix 315 intended to be transferred, by the transfer means 310, onto the base 320 with a view to printing holograms on printed documents.

The transfer means 310 is of a known type. The base 320 is, generally, nickel.

The marking means 325 is designed to carry out laser shots on the base 320, once this presents the holographic matrix, in points defined by the digital code. For example, the digital code takes the form of a matrix of points that can take two values, one of the values being associated to a laser shot and the other not being associated to it. The marking means 325 is, for preference, designed to perform laser shots, the impacts of which possess a diameter and a depth allowing the hologram's optical diffraction property to be preserved.

FIG. 4 shows the base 320 bearing the holographic matrix 315 and laser shot impacts 405. Each impact 405 presents a greater dimension and a depth preserving the optical diffraction properties of the hologram realized using the holographic matrix. It is noted that the impacts 405 can be located on the holographic matrix 315 or outside it. Because of the respective dimensions mentioned above, the impacts 405 and the holographic matrix 315 are not, in FIG. 4, to scale.

FIG. 5 shows that the authentication process comprises, firstly, a step 505 determining the digital code so that this digital code is representative of an identifier of a product associated to the hologram represented by the holographic matrix.

Then during a transfer step 510, a holographic matrix is transferred onto a base.

During a step 515, a plurality of different digital codes are produced, each associated to an identical holographic matrix and the positions of the digital codes so that the digital codes are located, with respect to the corresponding holographic matrices, in different positions, positions that depend on an item of information represented by said digital code.

During a marking step 520, said holographic matrix is marked by laser shot, to produce the digital code that cannot be interpreted by the human eye, preserving the optical diffraction properties of the holographic matrix, and designed to enable the detection of a copy of a document realized using said holographic matrix.

During the marking step 520, the impact of each laser shot presents a greater dimension and a depth allowing the hologram's optical diffraction properties to be preserved.

During a step 525, an additional code is determined and, during a step 530, said additional code is printed on a document produced using said holographic matrix.

In this way, by utilizing the procedure that is the subject of the present invention, the digital code protection functions are combined with those of the hologram without destroying the optical diffraction properties enabling the hologram to be visualized.

The various products realized using identical holographic matrices associated to different digital codes are different and thus enable better traceability.

The preservation of the diffraction optics has the advantage that the mark remains unnoticed.

With regard to the additional codes mentioned in steps 525 and 530, they can be made invulnerable to decoding. For example, these codes utilize key pairs conforming to the PKI (Public Key Infrastructure). These codes are supplied, on request, to the servers of rightholder subscribers.

For preference, these additional codes represent a first content, for example, a code can represent the rightholder's name, a reference of the product to be marked and/or a code generation date and are possibly unique, i.e. assigned to a single product or printed document.

For preference, the additional codes comprise error correction codes, for example of the type known under the name “CRC”.

To print each additional code, marks are generated, using the additional code, which are representative of the additional code and, for preference, of a code specifically assigned to the product in said set of products, the representative mark being, as a result, different for each product of said set.

It is noted that the mark can take several forms. According to a first example, the mark is a bar code associated to the product. According to a second example, the mark is a set of alphanumeric characters associated to the product. According to a third example, the mark is a bar code in at least two dimensions or a data matrix, known under the name datamatrix, associated to the product.

The mark representative of the additional code may be printed by an ink-jet printer or may be produced, in the product or packaging material, via impact from a laser beam or printed by thermal transfer.

In particular embodiments, laser impacts are read, for example by means of a camera, and, according to the information read, the additional code associated to the product is changed, for example by coding.

In a variant, the mark is made invisible by selecting a particular production process, for example locally altering the reflection coefficient of the label or the packaging or utilizing an invisible ink of a known type.

In a variant, the mark is copied in several parts of the packaging.

With regard to the fifth and sixth aspects of the present invention, FIG. 6 shows a means of determining a digital code 600, a means of designing a mold 605, a means 610 of producing a mold 615 and a marking means 625.

The means of determining the digital code 600 is of a known type. It is designed to determine a digital code presenting at least the following functions:

firstly, to represent an item of information identifying a product, a date of manufacture, a manufacturer, a rights owner, a manufacturing order and/or a place of manufacture, for example, in a sufficiently robust way so that, even if this digital code is deteriorated, for example by copying, at least part of the information it represents remains accessible and

secondly, to enable the detection of any copy of this digital code with known types of capture and production means.

To perform the first function indicated above, the digital code can comprise redundancies and/or error correction codes, known under the name “checksum” or “CRC” (for cyclic redundancy checksum). To perform the second function the entropy of the code and/or the dimension of its marking are adapted, according to known techniques in the matter of anti-copy codes. The digital code is transmitted by the means of determining the digital code to the marking means 625.

The means of designing the mold 605 is of a known type, for example a computer equipped with a computer-aided design system. It makes it possible to define each element of a mold 615 intended to be produced, by the production means 610, with a view to molding items, for example in plastic.

The production means 610 is of a known type.

The marking means 625 is designed to carry out laser shots on the mold 615, once this has been produced, or on the material serving to make this mold 615, in points defined by the digital code. For example, the digital code takes the form of a matrix of points that can take two values, one of the values being associated to a laser shot and the other not being associated to it. The marking means 625 is, for preference, designed to perform laser shots, the impacts of which possess a diameter and a depth allowing the detection of a copy of the mold realized using an item molded with the mold 615, and items molded using this copy of the mold.

FIG. 7 shows the mold 615 and laser shot impacts 705. It is noted that the impacts 705 can be located on a flat or curved part of the mold 615. Because of the respective dimensions, the impacts 705 and the mold 615 are not, in FIG. 7, to scale.

FIG. 8 shows that the authentication process comprises, firstly, a step 805 determining the digital code so that this digital code is representative of an identifier of the mold 615 or items molded using this mold 615.

Then, during a production step 810, the mold 615 is produced.

During a marking step 820, the mold 615 is marked by laser shot, to produce the digital code that cannot be interpreted by the human eye, and designed to enable the detection of a copy of the mold realized using an item molded with the mold 615, or an item molded using said copy.

During a step 825, an additional code is determined and, during a step 830, said additional code is printed on a molded item produced with said mold 615.

In this way, by utilizing the procedure that is the subject of the present invention, the digital code protection functions are combined with those of the mold without noticeably modifying the molded items.

The various products realized using the mold thus enable better traceability and the detection of copies and counterfeits.

With regard to the additional codes mentioned in step 825, they can be made invulnerable to decoding. For example, these codes utilize key pairs conforming to the PKI (Public Key Infrastructure). These codes are supplied, on request, to the servers of rightholder subscribers.

For preference, these additional codes represent a first content, for example, a code can represent the rightholder's name, a reference of the product to be marked and/or a code generation date and are possibly unique, i.e. assigned to a single product or printed document.

For preference, the additional codes comprise error correction codes, for example of the type known under the name “CRC”.

To print each additional code, marks are generated, using the additional code, which are representative of the additional code and, for preference, of a code specifically assigned to the product in said set of products, the representative mark being, as a result, different for each product of said set.

It is noted that the printed mark can take several forms. According to a first example, the mark is a bar code associated to the product. According to a second example, the mark is a set of alphanumeric characters associated to the product. According to a third example, the mark is a bar code in at least two dimensions or a data matrix, known under the name datamatrix, associated to the product.

The printed mark representative of the additional code may be printed by an ink-jet printer or may be produced, in the product or packaging material, via impact from a laser beam or printed by thermal transfer.

In particular embodiments, laser impacts are read, for example by means of a camera, and, according to the information read, the additional code associated to the product is changed, for example by coding.

In a variant, the printed mark is made invisible by selecting a particular production process, for example locally altering the reflection coefficient of the label or the packaging or utilizing an invisible ink of a known type.

In a variant, the printed mark is copied in several parts of the packaging.

1. An authentication process, that comprises: a step of generating a random number, a step of generating a time-stamp, a step of generating a first secret key, a step of truncating the message authentication code utilizing said first secret key, a step of symmetrically encrypting the random number, time-stamp and truncation, utilizing a second secret key to produce an authentication code.

2. An authentication method according to claim 1, wherein, during the step of generating a random number, a quantum generator is utilized.

3. An authentication method according to claim 1, wherein, during the truncation step, a cryptographic message authenticator is generated utilizing the first secret key.

4. An authentication method according to claim 1, wherein, during the step of symmetrically encrypting the random number, time-stamp and truncation by utilizing the second secret key, in addition a hash is produced.

5. An authentication method according to claim 1, that comprises a step of regularly modifying the first secret key and transmitting the new secret key to a production site.

6. An authentication method according to claim 1, wherein, during the symmetric encryption step, a code is generated comprising alphanumeric characters.

7. An authentication device, that comprises: a means of generating a random number, a means of generating a time-stamp, a means of generating a first secret key, a means of truncating the message authentication code utilizing said first secret key, a means of symmetrically encrypting the random number, time-stamp and truncation, utilizing a second secret key to produce an authentication code.